urlscan.io logo urlscan.io
SecurityTrails logo

wheel-crazy-time-tr.pu267ev.com Open in urlscan Pro
2606:4700:20::ac43:4889  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://go-pupromo.com/EKhF64zx/?subId1=clickadilla&subId2=%5BCLICK_ID%5D&subId3=clickadilla-push
Effective URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevo...
Submission: On August 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 35 HTTP transactions. The main IP is 2606:4700:20::ac43:4889, located in United States and belongs to CLOUDFLARENET, US. The main domain is wheel-crazy-time-tr.pu267ev.com.
TLS certificate: Issued by WE1 on July 29th 2024. Valid for: 3 months.
This is the only time wheel-crazy-time-tr.pu267ev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.159.247.247 209242 (CLOUDFLAR...)
16 2606:4700:20:... 13335 (CLOUDFLAR...)
2 142.250.184.196 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.64.117.214 16509 (AMAZON-02)
1 18.66.122.18 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.185.159.253 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
6 3.121.84.39 16509 (AMAZON-02)
1 216.58.206.34 15169 (GOOGLE)
35 12
1    185.159.247.247 (São Paulo, Brazil)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
go-pupromo.com
16    2606:4700:20::ac43:4889 (United States)

ASN13335 (CLOUDFLARENET, US)
wheel-crazy-time-tr.pu267ev.com
2    142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net
www.google.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    3.64.117.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-117-214.eu-central-1.compute.amazonaws.com
fs.pudaf.com
1    18.66.122.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-18.fra60.r.cloudfront.net
js.datadome.co
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    18.185.159.253 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-159-253.eu-central-1.compute.amazonaws.com
api-js.datadome.co
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
6    3.121.84.39 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-84-39.eu-central-1.compute.amazonaws.com
f.pudaf.com
1    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
pagead2.googlesyndication.com
Apex Domain
Subdomains		 Transfer
16 pu267ev.com
wheel-crazy-time-tr.pu267ev.com
1 MB
7 pudaf.com
fs.pudaf.com — Cisco Umbrella Rank: 333230
f.pudaf.com — Cisco Umbrella Rank: 287255
67 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
310 B
2 datadome.co
js.datadome.co — Cisco Umbrella Rank: 6926
api-js.datadome.co — Cisco Umbrella Rank: 6331
29 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
174 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 10
1 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
24 B
1 gstatic.com
www.gstatic.com
213 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
870 B
1 go-pupromo.com
go-pupromo.com
682 B
35 10
Domain Requested by
16 wheel-crazy-time-tr.pu267ev.com wheel-crazy-time-tr.pu267ev.com
6 f.pudaf.com wheel-crazy-time-tr.pu267ev.com
2 region1.google-analytics.com wheel-crazy-time-tr.pu267ev.com
2 www.googletagmanager.com wheel-crazy-time-tr.pu267ev.com
www.googletagmanager.com
2 www.google.com wheel-crazy-time-tr.pu267ev.com
www.gstatic.com
1 pagead2.googlesyndication.com wheel-crazy-time-tr.pu267ev.com
1 api-js.datadome.co js.datadome.co
1 www.gstatic.com www.google.com
1 fonts.googleapis.com wheel-crazy-time-tr.pu267ev.com
1 js.datadome.co wheel-crazy-time-tr.pu267ev.com
1 fs.pudaf.com wheel-crazy-time-tr.pu267ev.com
1 go-pupromo.com 1 redirects
35 12

This site contains links to these domains. Also see Links.

Domain
tdsnext.com
Subject Issuer Validity Valid
pu267ev.com
WE1		 2024-07-29 -
2024-10-27		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.pinup-antifraud.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.datadome.co
Gandi RSA Domain Validation Secure Server CA 3		 2023-10-10 -
2024-11-09		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Frame ID: 5D0A266F0CCB45A2123BC13BD712BAF5
Requests: 31 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly93aGVlbC1jcmF6eS10aW1lLXRyLnB1MjY3ZXYuY29tOjQ0Mw..&hl=de&v=_ZpyzC9NQw3gYt1GHTrnprhx&size=invisible&cb=8ykirf5wrlqy
Frame ID: C3FC5B5E3F6D451EA49CB7F5494CA48E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

150 000 ₺ + 250 fs

Page URL History Show full URLs

  1. https://go-pupromo.com/EKhF64zx/?subId1=clickadilla&subId2=%5BCLICK_ID%5D&subId3=clickadilla-push HTTP 302
    https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=cas... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

35
Requests

97 %
HTTPS

42 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

1778 kB
Transfer

2817 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go-pupromo.com/EKhF64zx/?subId1=clickadilla&subId2=%5BCLICK_ID%5D&subId3=clickadilla-push HTTP 302
    https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wheel-crazy-time-tr.pu267ev.com/
Redirect Chain
  • https://go-pupromo.com/EKhF64zx/?subId1=clickadilla&subId2=%5BCLICK_ID%5D&subId3=clickadilla-push
  • https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-...
18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932313c65ee1bffa5ba2771f458af0a25c645dda963b1d74c5e37ece643fa0f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8b09c3043c564d5c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 09 Aug 2024 18:20:43 GMT
last-modified
Fri, 09 Aug 2024 10:26:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9bUuQd4o1OoH5zAzexdM%2F92Akdn54YaE5m8tgnAhjM58%2BbTohFgh9L57NfjvW%2BCc6igUCWEMZDY0QvVTXxTqBKMu4XAOb9%2BJDtgJbv4zxG2y3ol%2FwBMALMmviIarp%2Fp7Txi1nVMXPK9D6vEB97qwWcZdgB5fred8g0ur5FM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8b09c3029ba34504-TXL
content-length
0
date
Fri, 09 Aug 2024 18:20:43 GMT
location
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
main.css
wheel-crazy-time-tr.pu267ev.com/ 		38 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wheel-crazy-time-tr.pu267ev.com/main.css
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fac096aafa62f48129a54bf856fd215d128a3bf8eada7a6bd9181a04fed4fd32

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Aug 2024 10:26:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
696
etag
W/"66b5eebd-9936"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zUSFd3NuUEtMqBsQSKccjgKZg4%2BNliKY6e1ESULtYjlRVaFpzhMdBhztKjBPQ%2BWeTWTmDxJlUHyxXdIUsB%2FJwOugC4%2BfLLdr2v%2FoFNtS8NCQ%2BTi%2BrEotofLpfQGhcZG8XyDrG1uLKpwWe482i%2FD2W45eOqClRbLV3EwemC8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8b09c3050d6c4d5c-FRA
crazy_time.png
wheel-crazy-time-tr.pu267ev.com/img/logo/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/logo/crazy_time.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1ac4b6407bba720f490d5409d18fa390947443ae4067a5c6c279fdf949f703

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Aug 2024 10:25:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
696
etag
"66b5eeb7-ac04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JVGE%2FruLZucffuqFee30%2F4%2FGKf5vdBwTXdBUGXqOEGf3JNIHePMVWo0nFAvCE9%2Bw6TU5s%2BwaVnQ2lA%2F%2F5UYIN%2B7qRU1XWY7wm6Ys1EoFMmoOmZp76wORQjCKxRQCiwhLwSgCobtptvmrcCPmPCkSDzN389qfo904C23iwzc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b09c3050d704d5c-FRA
content-length
44036
logo_casino.svg
wheel-crazy-time-tr.pu267ev.com/img/logo/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/logo/logo_casino.svg
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9392ee9abc6973a734d747f6e7bdfe28d1dd2594abca0b0df1b92e3d161fd14f

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Aug 2024 10:25:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
696
etag
W/"66b5eeb7-1cc1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O6K15rbNNlFLh7ArextGWUwHKk5slChki%2F3a2KllfD2mEdECxlVvfWqbNvrreJx8GpZgJZt0eAPdbPwVhDxp9wgJIISIRrkZfNdgGslCY%2F4%2Bn8bWvd%2Fxpf7%2FMUYoAZIlHoM3a5vKs%2Byndw0g70BpAOJ04zVaYTTR3mgXREg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8b09c3050d724d5c-FRA
woman.png
wheel-crazy-time-tr.pu267ev.com/img/decor/ 		412 KB
413 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/decor/woman.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d504fbebade88990eafbbde18fbe5364c3c25a9784fbdd85c7b09c6c5a20dfd5

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Aug 2024 10:25:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
696
etag
"66b5eeb7-66fdf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zrSPmyxGLE1icnQYRsBceDUcsWWTx5hCWI3nXwKyAMJGBHr7599H6DuC7cRiVitYZ6eDGJ7kZn%2F34VcvvSHNP%2B8dXEOwKd5xefCGRQCZnBV7G3xahky8ocEOO8eEShVzWvezkM4KItHZ9lkyOJJhsoIWz70xxnVvZt3g8yI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b09c3053d9d4d5c-FRA
content-length
421855
coins.png
wheel-crazy-time-tr.pu267ev.com/img/decor/ 		148 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/decor/coins.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5677c634481977d00497892ebf81a014c261479dfa8106c8c6d400f42dfbd7e4

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Aug 2024 10:25:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
696
etag
"66b5eeb7-251d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y11rLyKa4AzOPUdO5Ti4gGBH3cHTWt6thXl%2FLCl6WYTfTfOP%2Fnywh3GIF5qT%2FkgN8NsvoJU0ymjYvegowQyqK98knkx1tWqEyvMIRYbQVP7kbHySMInXKImOS2i90qQy3RMBRBGX9oCPJK%2Bm8PFd1NmXjQXtBe9oo5itzIA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b09c3053da14d5c-FRA
content-length
152024
enterprise.js
www.google.com/recaptcha/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
72d888fa51d3f256897c7c81b6680086f4fa50664662bbf48cf28ced83314ed4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 09 Aug 2024 18:20:43 GMT
bundle.js
wheel-crazy-time-tr.pu267ev.com/ 		93 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wheel-crazy-time-tr.pu267ev.com/bundle.js
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59be4f26ebbd3d217c718297b47ecccba9fe2d944b8d1af45ab234261901c3ac

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Aug 2024 10:25:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
696
etag
W/"66b5eeb3-17353"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lH6H5ICFMNoIvMAiYmoJ%2Fmo5Yubg8OLeoCe7hFgSbKFca4aJjYutux3NRVYMVNdAS1QEGMK1bUDVO7c84guE%2B%2BlG2sW3ZbOndWTZNlFqoPt4Dy1i6TPMD8y%2FcN%2Bz720Y2j2BZAUuYud0Uc1zfL86WnYndR1QHiFDq9wcTTc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
8b09c3053da74d5c-FRA
gtm.js
www.googletagmanager.com/ 		216 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TZJH477
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a50136004ee9efc85b03c8c52282aecf377a54bf436cae3868b6c71e1fbaa68d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77361
x-xss-protection
0
last-modified
Fri, 09 Aug 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Aug 2024 18:20:43 GMT
fp.js
fs.pudaf.com/ 		213 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fs.pudaf.com/fp.js
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.64.117.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-117-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d9cf47784e8afcf57e1b02f42022e6c75227328ad07ff706edadfde8321a0ce9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 29 Jul 2024 08:22:55 GMT
etag
W/"66a7515f-35261"
content-type
application/javascript
tags.js
js.datadome.co/ 		157 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.datadome.co/tags.js
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-18.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aeac24730f4080c22a0250b34eb8b26ee822e09035b3f6e84ebd8a63eb099f91
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
xwE673c.fkzJ8mdhNbpSFitxZIm0Cv_u
content-encoding
br
via
1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
date
Fri, 09 Aug 2024 17:37:37 GMT
strict-transport-security
max-age=15768000
x-amz-cf-pop
FRA60-P2
age
2587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 01 Aug 2024 11:41:36 GMT
server
AmazonS3
etag
W/"ee8364483523f4897404c6a35e76d353"
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
max-age=3600, public
x-amz-cf-id
m6uasDhHEXOD0pvwPTQ0ubIDE636B7cFxKR08YjYZWt7aTBgtpR3Fg==
css2
fonts.googleapis.com/ 		1 KB
870 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rajdhani:wght@700&display=swap
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dda44dc7be2e45d359cebdcb2f958d375fda16aef7caf626aa597aa2cea9570a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 09 Aug 2024 18:20:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 09 Aug 2024 17:35:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Aug 2024 18:20:43 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/ 		534 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e2c26febf7b51577d135dea6309dbbb01492c6e66dd157c3da5c7bdf293fc5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
Origin
https://wheel-crazy-time-tr.pu267ev.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 16:12:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217245
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 00:43:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Aug 2025 16:12:10 GMT
bg.jpg
wheel-crazy-time-tr.pu267ev.com/img/ 		221 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/bg.jpg
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fd59bf9d0b3fd3a4040ba7f5a0e0c30bf0b3fd1ebae27b18c5872df9a300cf

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 09 Aug 2024 10:25:59 GMT
server
cloudflare
age
102
etag
"66b5eeb7-3722b"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uuZCU9oMsf8asPRlJApEYQsT%2Bs2JevIw3f2A5%2BZEY16xWR4vEprq9epXb7SZzb9DrW0vOdNAq%2BV916Y5sDLdaWgtGXd%2Fdg0w0miMlVNaN64FpsI99soV7FdSAnEKZDGBDxb9CaRePofGvsuYGUYoDL%2BflN%2B8ZPxT6pirSj4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b09c3066f074d5c-FRA
content-length
225835
wheel-center.png
wheel-crazy-time-tr.pu267ev.com/img/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/wheel-center.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0d41ac4c8053b18a6e09c64c7c7b2e65eb43583e34a7b03b26be44c38163c7

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Aug 2024 10:25:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
102
etag
"66b5eeb7-4dbe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L10J7%2BZB%2FQ%2BDSsXvHi59DDAHktwY%2B6YKO3My9mQZJ1LvZiZpYG%2BCVlyfZw606S%2BD8dLq6vw4grx0m0EvzcGgH0CrPC%2BmMw7ITuKWfdAxMI97QQrn9Sjc3sOmipQzPNbcRoX1TUKord74%2BJwuFXWE2xbyXN2S1VhfsJv0GrU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b09c3066f084d5c-FRA
content-length
19902
wheel-top.png
wheel-crazy-time-tr.pu267ev.com/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/wheel-top.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8989b0ba795953979f81f0b2c3578193b9970d67a17ff6afe34d31a46236569a

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Aug 2024 10:25:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
102
etag
"66b5eeb7-d23"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kvhwqgaIs41xKYFnVtFeaoqze%2F%2BEA2kwXam3zQZRuqKwp6ZsVpcFQlTle3o5ZBBdlqKzuRkJaeWnRZVjSveNETXLZCuMAipRdXkFyPMcCcSvo%2BCm3PGTT9BqPc8PFq2W0jKse4JaX0J2%2Fp88EzZoiyejtL5st2YJpjfAZvw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b09c3066f094d5c-FRA
content-length
3363
wheel_sprite-tr.png
wheel-crazy-time-tr.pu267ev.com/img/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/wheel_sprite-tr.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb87f83de7cfb393caa5e970b9382af03901c4be5d54df17491a9fe6c2350247

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Aug 2024 10:26:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
102
etag
"66b5eeb8-18f77"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FOtDYVTVcrVdtAkOVU7KGRb4wLvrH9sC%2BKHid3Ja00x8qVKwImjQmYxWqQ6jFKE4Ks0eGK6k%2Fz0n8mNG7Xr2kkp%2BcmpkD3V4qwP5PEdUhKbWNy2yZJBB3OmDCJZKUkzi0q5P9WF0hTd%2FsLSGI5sDHiUgt9cXd%2FVitenZizc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b09c3066f0c4d5c-FRA
content-length
102263
wheel-frame.png
wheel-crazy-time-tr.pu267ev.com/img/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/wheel-frame.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baa8363375f1811d2ef52f54a14f2a40a47e96f181ed3462eabf4aa254ac3ed7

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Aug 2024 10:25:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
102
etag
"66b5eeb7-21d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qwr1QM%2FoR6Abpkz2npPhwD8RCzabDCyIcappulLSAfFW8Gv3TxGAifd05gcRPv4TXw4xqkSS5DUsqdkrFo2nY6086dN9RavPOsOLKDHvVdt5cde9YByRMvhuOhKc5OiqiyRkBI%2FUFvXh%2B2qUhTDDXgqgoAwhN6FHciLzY9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b09c3066f0e4d5c-FRA
content-length
138600
Pinup-Black.woff
wheel-crazy-time-tr.pu267ev.com/fonts/src/fonts/Pinup-Black/ 		100 KB
101 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wheel-crazy-time-tr.pu267ev.com/fonts/src/fonts/Pinup-Black/Pinup-Black.woff
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0071e5cf68a74c19bd55355486916183bff7afa7f1d16aea03e04736aa621e3

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/main.css
Origin
https://wheel-crazy-time-tr.pu267ev.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Aug 2024 10:25:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
633
etag
"66b5eeb4-18fec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vNCHvpMzXLVCZIGzcoVe1EaiT811okr6NC2bXpsKDhwSSgR8EVfnrMV31ErOJKjL%2BSP9GSnc23Mjv%2Fhb%2BBkr82qc78GnlwIkfnu4iVUHb45Z7nEXDzcJSJbRVDP5xwR63QotrIEspJXiVbnyOf%2BJ5yxBzDeDD2fsTKgD80c%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b09c3069f344d5c-FRA
content-length
102380
Roboto-Regular.woff2
wheel-crazy-time-tr.pu267ev.com/fonts/src/fonts/Roboto-Regular/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wheel-crazy-time-tr.pu267ev.com/fonts/src/fonts/Roboto-Regular/Roboto-Regular.woff2
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f62f51295d471a285e41bf8063c23b6046ee2770a5c0baa55a5a7ed04251d22

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/main.css
Origin
https://wheel-crazy-time-tr.pu267ev.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Aug 2024 10:25:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3284
etag
"66b5eeb6-101c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5lvEKrgC4caCIbd9r0u33JfIaDJ6F0kxJlZ5CeEwmVTEAwU1E70JDabTcjycBZKkvoMlj49mYjQ8lGJiRZKTB5Lb4wtqrYS4NFPvV7Py2LjJs2wbW%2Fq6VeqFC4dla3NMzlqiAoOQ9Hx5UB3RFB5lAOPaUaJrAAvdDBlqNA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b09c3069f354d5c-FRA
content-length
65992
turkey.png
wheel-crazy-time-tr.pu267ev.com/img/country/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/country/turkey.png
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:43 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Aug 2024 10:26:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6586
etag
"66b5eeba-4a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XMqoekvsquwfp9wh0HlmYWWtQL8MZ1U8guKY0pROXtnnEoDZjx6uToL5I5vIaUdbIfD3yMzNviIGoqAFL1EPPDeBKJU%2FsRVAcP%2F2HioiC%2BkGEUpxXAP0NuwO0%2BlMqsd8s%2BzHwKVz%2F%2BpV4%2BopXmBFc3g6MzSnR%2FWTvlQLOYs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b09c3069f374d5c-FRA
content-length
1193
98f4b75d-5b36-4a29-a7a7-e5ed01b8727b
https://wheel-crazy-time-tr.pu267ev.com/ 		597 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://wheel-crazy-time-tr.pu267ev.com/98f4b75d-5b36-4a29-a7a7-e5ed01b8727b
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
597
Content-Type
application/javascript
/
api-js.datadome.co/js/ 		232 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.datadome.co/js/
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.159.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-159-253.eu-central-1.compute.amazonaws.com
Software
DataDome /
Resource Hash
adbb40715f9a17077d435955d752d70bb34b4b99f3eed7f72da22abb495aaba3

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 09 Aug 2024 18:20:44 GMT
server
DataDome
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
232
expires
0
js
www.googletagmanager.com/gtag/ 		288 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FSDW78HQ4L&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZJH477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4dcfa62697489ac0a1d54cb03dba9febca086fdafb891a6f165041645c64482
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100317
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 09 Aug 2024 18:20:44 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame C3FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lfxs6UUAAAAAE3kzerSlj_d5OF7IeWoXvzOE_50&co=aHR0cHM6Ly93aGVlbC1jcmF6eS10aW1lLXRyLnB1MjY3ZXYuY29tOjQ0Mw..&hl=de&v=_ZpyzC9NQw3gYt1GHTrnprhx&size=invisible&cb=8ykirf5wrlqy
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WYXorZJLv2095B3kCtbSIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-WYXorZJLv2095B3kCtbSIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 09 Aug 2024 18:20:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
region1.google-analytics.com/g/ 		0
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4880v893553001z8893121458za200zb893121458&_p=1723227643687&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=898961945.1723227645&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723227644&sct=1&seg=0&dl=https%3A%2F%2Fwheel-crazy-time-tr.pu267ev.com%2F%3Fform_email%3D%257Bform_email%257D%26form_phone%3D%257Bform_phone%257D%26lang%3Dtr%26lrrPath%3Dcasino%252Fprovider%252Fevolution%26pc%3D30%26s1%3Dclickadilla%26s2%3D%255BCLICK_ID%255D%26s3%3Dclickadilla-push%26s4%3D%26s5%3D%26source%3D%26st%3DEKhF64zx%26startTime%3D1723227643400795971%26trId%3Dcqr5ruvvknbfp7c7aijg&dt=150%20000%20%E2%82%BA%20%2B%20250%20fs&en=page_view&_fv=1&_nsi=1&_ss=1&ep.timestamp=2024-08-09T20%3A20%3A44.697%2B02%3A00&ep.gtm_version=GTM-TZJH477%20%7C%20v.%204&up.clientId=&tfd=1707
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Aug 2024 18:20:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wheel-crazy-time-tr.pu267ev.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon-32x32.png
wheel-crazy-time-tr.pu267ev.com/img/favicon/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://wheel-crazy-time-tr.pu267ev.com/img/favicon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:45 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Aug 2024 10:25:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6856
etag
"66b5eeb6-687"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tFu0cjrErGOgT7OiOp11cNf0BcCSjen6zXj2cJepzZ4P26Vu2PN3tcwtXNRPpr9vk7G2FRro6u4XX5p9Fppal879Mefy7WCFdzbGZM2ZP5if7jCGTnATljo2hIHYeWwb8cG7FzjbBJH2OEZRYx6zpFETQQ4oAU0MlbXwBYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b09c3107d7d4d5c-FRA
content-length
1671
eb4a8eac-7cb1-47da-8a71-05faacdb0d8d
f.pudaf.com/p/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/eb4a8eac-7cb1-47da-8a71-05faacdb0d8d?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=eb4a8eac-7cb1-47da-8a71-05faacdb0d8d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.84.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-84-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,if-none-match
Access-Control-Request-Method
POST
Origin
https://wheel-crazy-time-tr.pu267ev.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,if-none-match
access-control-allow-methods
GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin
*
access-control-max-age
43200
date
Fri, 09 Aug 2024 18:20:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
eb4a8eac-7cb1-47da-8a71-05faacdb0d8d
f.pudaf.com/p/ 		58 B
849 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/eb4a8eac-7cb1-47da-8a71-05faacdb0d8d?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=eb4a8eac-7cb1-47da-8a71-05faacdb0d8d
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.84.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-84-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e385845273860c55d7bb2c32e1acc19c80e03ac39c8f323dad8f891b801df561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/html, text/plain
Referer
https://wheel-crazy-time-tr.pu267ev.com/
If-None-Match
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/octet-stream

Response headers

x-trace-id
bb0e40fbfc10285b22c735b1cf6b968d
date
Fri, 09 Aug 2024 18:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 09 Aug 2024 18:19:05 GMT
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
etag
66b65dfded2f9c5b3a320faf
vary
Origin
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
content-length
58
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
24 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 18:20:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52407
x-xss-protection
0
server
cafe
etag
3478101050558663138
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 09 Aug 2024 18:20:45 GMT
eb4a8eac-7cb1-47da-8a71-05faacdb0d8d
f.pudaf.com/p/ 		58 B
849 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/eb4a8eac-7cb1-47da-8a71-05faacdb0d8d?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=eb4a8eac-7cb1-47da-8a71-05faacdb0d8d
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.84.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-84-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e385845273860c55d7bb2c32e1acc19c80e03ac39c8f323dad8f891b801df561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/html, text/plain
Referer
https://wheel-crazy-time-tr.pu267ev.com/
If-None-Match
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/octet-stream

Response headers

x-trace-id
7bd00e43bb5da1139826650f0a4c867e
date
Fri, 09 Aug 2024 18:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 09 Aug 2024 18:19:05 GMT
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
etag
66b65dfd9d0876f99c63e2a4
vary
Origin
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
content-length
58
eb4a8eac-7cb1-47da-8a71-05faacdb0d8d
f.pudaf.com/p/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/eb4a8eac-7cb1-47da-8a71-05faacdb0d8d?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=eb4a8eac-7cb1-47da-8a71-05faacdb0d8d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.84.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-84-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,if-none-match
Access-Control-Request-Method
POST
Origin
https://wheel-crazy-time-tr.pu267ev.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,if-none-match
access-control-allow-methods
GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin
*
access-control-max-age
43200
date
Fri, 09 Aug 2024 18:20:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
eb4a8eac-7cb1-47da-8a71-05faacdb0d8d
f.pudaf.com/p/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/eb4a8eac-7cb1-47da-8a71-05faacdb0d8d?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=eb4a8eac-7cb1-47da-8a71-05faacdb0d8d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.84.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-84-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,if-none-match
Access-Control-Request-Method
POST
Origin
https://wheel-crazy-time-tr.pu267ev.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,if-none-match
access-control-allow-methods
GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin
*
access-control-max-age
43200
date
Fri, 09 Aug 2024 18:20:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
eb4a8eac-7cb1-47da-8a71-05faacdb0d8d
f.pudaf.com/p/ 		58 B
849 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/eb4a8eac-7cb1-47da-8a71-05faacdb0d8d?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=eb4a8eac-7cb1-47da-8a71-05faacdb0d8d
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.84.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-84-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e385845273860c55d7bb2c32e1acc19c80e03ac39c8f323dad8f891b801df561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/html, text/plain
Referer
https://wheel-crazy-time-tr.pu267ev.com/
If-None-Match
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/octet-stream

Response headers

x-trace-id
25ba3bb304740d7cdb285164a3680832
date
Fri, 09 Aug 2024 18:20:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 09 Aug 2024 18:19:07 GMT
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
etag
66b65dffed2f9c5b3a320ff6
vary
Origin
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
content-length
58
collect
region1.google-analytics.com/g/ 		0
45 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDW78HQ4L&gtm=45je4880v893553001za200zb893121458&_p=1723227643687&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=898961945.1723227645&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1723227644&sct=1&seg=0&dl=https%3A%2F%2Fwheel-crazy-time-tr.pu267ev.com%2F%3Fform_email%3D%257Bform_email%257D%26form_phone%3D%257Bform_phone%257D%26lang%3Dtr%26lrrPath%3Dcasino%252Fprovider%252Fevolution%26pc%3D30%26s1%3Dclickadilla%26s2%3D%255BCLICK_ID%255D%26s3%3Dclickadilla-push%26s4%3D%26s5%3D%26source%3D%26st%3DEKhF64zx%26startTime%3D1723227643400795971%26trId%3Dcqr5ruvvknbfp7c7aijg&dt=150%20000%20%E2%82%BA%20%2B%20250%20fs&en=scroll&ep.timestamp=2024-08-09T20%3A20%3A44.697%2B02%3A00&ep.gtm_version=GTM-TZJH477%20%7C%20v.%204&epn.percent_scrolled=90&_et=15&tfd=6733
Requested by
Host: wheel-crazy-time-tr.pu267ev.com
URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wheel-crazy-time-tr.pu267ev.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Aug 2024 18:20:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wheel-crazy-time-tr.pu267ev.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| landingConfig object| dataLayer string| afto function| aft string| ddjskey object| ddoptions object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| phonePattern object| links object| pageState object| formNotif boolean| dataDomeProcessed object| dataDomeOptions boolean| ddSbh string| afti function| aftUUID function| aftSID function| aftUID function| aftGenSID object| google_tag_manager object| google_tag_data object| recaptcha object| closure_lm_920348 function| onYouTubeIframeAPIReady object| gaGlobal string| _D9tysGh2

8 Cookies

Domain/Path Name / Value
go-pupromo.com/ Name: click-2024-08-09
Value: ",EKhF64zx"
.go-pupromo.com/ Name: __cf_bm
Value: unZsFPtwIpe8mzJU7Oy6JPVbbXl4lubhHLHiIrIs9C8-1723227643-1.0.1.1-Abt84K4V6vX2DoC3Q2bi7leWNUcna9gppIp7Zm8B3KI4aGQLrVGldg9gXP6UtQCK8G4MWhk9xgke358_3HxHVA
go-pupromo.com/ Name: __cflb
Value: 02DiuD27RCKFLAvvEgskoieNUhdFiUKVn4PiXvQgFSpcL
.pu267ev.com/ Name: __cf_bm
Value: 5zCp5wQCgxYl0XjLjlf8IEvoRM0fQUkBSSWJh3rviEM-1723227643-1.0.1.1-60cLFeqjHbRkITP3LiA9avNtrOlzkbzO3b2OEdmqzwLXLtG7G5mZgBBfXaBKWSSUffSs55USnMo_tjJaq4bW8w
wheel-crazy-time-tr.pu267ev.com/ Name: ga-x3sdiid0
Value: hkZDIwZGFjYWVmMDEtNzhhLTRhN200MSNiN2MtYWhlYTI0ZW
.pu267ev.com/ Name: _ga
Value: GA1.1.898961945.1723227645
.pu267ev.com/ Name: datadome
Value: 1kjYSqx_HzeaL5hY~v4fVMGLYX8AcBUV9lQSsULVBJY0ZvMEyXexS98_2vSOjiDKgZo3twY1jGJ62gmQuy2UQaN8IbzpEiBy5RJJBvyA_RZJ~YAW7x9LdF4WKh7BpMYi
.pu267ev.com/ Name: _ga_FSDW78HQ4L
Value: GS1.1.1723227644.1.0.1723227644.0.0.0

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://wheel-crazy-time-tr.pu267ev.com/?form_email=%7Bform_email%7D&form_phone=%7Bform_phone%7D&lang=tr&lrrPath=casino%2Fprovider%2Fevolution&pc=30&s1=clickadilla&s2=%5BCLICK_ID%5D&s3=clickadilla-push&s4=&s5=&source=&st=EKhF64zx&startTime=1723227643400795971&trId=cqr5ruvvknbfp7c7aijg
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
f.pudaf.com
fonts.googleapis.com
fs.pudaf.com
go-pupromo.com
js.datadome.co
pagead2.googlesyndication.com
region1.google-analytics.com
wheel-crazy-time-tr.pu267ev.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.184.196
18.185.159.253
18.66.122.18
185.159.247.247
2001:4860:4802:32::36
216.58.206.34
2606:4700:20::ac43:4889
2a00:1450:4001:827::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2003
3.121.84.39
3.64.117.214
2a0d41ac4c8053b18a6e09c64c7c7b2e65eb43583e34a7b03b26be44c38163c7
31fd59bf9d0b3fd3a4040ba7f5a0e0c30bf0b3fd1ebae27b18c5872df9a300cf
3e2c26febf7b51577d135dea6309dbbb01492c6e66dd157c3da5c7bdf293fc5f
4572c20092423c491c830915d4eccaad9b43524a9e74eb39d1ca7db8d66f8370
5677c634481977d00497892ebf81a014c261479dfa8106c8c6d400f42dfbd7e4
59be4f26ebbd3d217c718297b47ecccba9fe2d944b8d1af45ab234261901c3ac
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
6f62f51295d471a285e41bf8063c23b6046ee2770a5c0baa55a5a7ed04251d22
72d888fa51d3f256897c7c81b6680086f4fa50664662bbf48cf28ced83314ed4
8989b0ba795953979f81f0b2c3578193b9970d67a17ff6afe34d31a46236569a
932313c65ee1bffa5ba2771f458af0a25c645dda963b1d74c5e37ece643fa0f9
9392ee9abc6973a734d747f6e7bdfe28d1dd2594abca0b0df1b92e3d161fd14f
9f4dd081764684e967c695a7ca1227fa7998736c83e4d9608fa44cc55b25ad6f
a50136004ee9efc85b03c8c52282aecf377a54bf436cae3868b6c71e1fbaa68d
adbb40715f9a17077d435955d752d70bb34b4b99f3eed7f72da22abb495aaba3
aeac24730f4080c22a0250b34eb8b26ee822e09035b3f6e84ebd8a63eb099f91
baa8363375f1811d2ef52f54a14f2a40a47e96f181ed3462eabf4aa254ac3ed7
bb87f83de7cfb393caa5e970b9382af03901c4be5d54df17491a9fe6c2350247
bd1ac4b6407bba720f490d5409d18fa390947443ae4067a5c6c279fdf949f703
d0071e5cf68a74c19bd55355486916183bff7afa7f1d16aea03e04736aa621e3
d504fbebade88990eafbbde18fbe5364c3c25a9784fbdd85c7b09c6c5a20dfd5
d9cf47784e8afcf57e1b02f42022e6c75227328ad07ff706edadfde8321a0ce9
dda44dc7be2e45d359cebdcb2f958d375fda16aef7caf626aa597aa2cea9570a
e385845273860c55d7bb2c32e1acc19c80e03ac39c8f323dad8f891b801df561
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4dcfa62697489ac0a1d54cb03dba9febca086fdafb891a6f165041645c64482
fac096aafa62f48129a54bf856fd215d128a3bf8eada7a6bd9181a04fed4fd32